Posts by fulltilt

    but fail2ban is useless because recently a attacker is using IP pools from a botnet ...
    I have watched this many times ... the same IP will be used only one time and afterwards a new attack with a new IP is started
    no way to block this kind of attacks with iptables or whatever ...
    that is why PMA and Filemanager should be protected with a captcha or used only within the controlpanel

    I have tried another solution with a cookie check and redirect to panel login ...
    the User have to login first before using PMA


    could it be that mod_rewrite is not working within the /tools folders?
    the cookie has been set but I guess rewrite (second htaccess) did not work
    fex:

    Code
    1. nano /var/www/imscp/gui/public/client/.htaccess
    2. Header set Set-Cookie "YourCookieName=YourSecret123456789abcd"
    3. nano /var/www/imscp/gui/public/tools/pma/.htaccess
    4. RewriteEngine On
    5. RewriteCond %{HTTP_COOKIE} !YourCookieName=YourSecret123456789abcd;? [NC]
    6. RewriteRule ^ https://admin.YourPanelURL.tld [R=301,L]

    this htaccess should work but it's also blocking:

    I still have this problem with all my systems migrated from ispcp:
    If a user logged in and click PMA links:

    Code
    1. An error occurred while authentication!


    I have already checked for old IP addresses in /var/cache/bind
    but did not found any IP conflict ...


    need help ?(


    more details:
    using external NS
    i found out that there is a difference in /var/cache/bind/admin.host3.domain.tld.db
    between a test installation in V-Box and real server ...
    at the end of the V-Box file I see many entrys like:

    Code
    1. vu2006 A 192.168.0.38vu2010 A 192.168.0.38vu2018 A 192.168.0.38vu2018als232 A 192.168.0.38vu2018als257 A 192.168.0.38vu2018als259 A 192.168.0.38


    /var/cache/bind/admin.host3.domain.tld.db real server shows only one entry at the end:

    Code
    1. vu2141als89 A 00.00.000.000


    Ich verwende bereits seit mehreren Jahren php-fpm (Nuxwin hats mir mal empfohlen :D). Probleme sind mir bis jetzt keine aufgefallen und bezüglich der Performance, minimal ist diese schon besser. Auf einem Server mit mehreren Kunden ist der Ressourcenverbrauch im Gegensatz zu fcgid wahrscheinlich sogar niedriger. Kannst ja einfach mal testen und gegebenenfalls wieder zurückswitchen.


    klingt gut ;-)
    das x-cache kann dann wohl runter bzw. sollte wohl nicht paralell laufen?